In a computer network, the identification of a client computing device and/or a user of such a device may be desirable for certain purposes. For example, identifying a user when the user accesses a website allows a server hosting that particular website to provide user-tailored information and client-related services. Likewise, identifying a networked client device may allow tailoring of the content and/or the services provided to the user.
Identification can also be important in the prevention of fraudulent access and other computer-based crimes. Information that is communicated via networked computer devices may be sensitive, and therefore access to certain restricted websites and/or server-based applications may be limited to authorized users. An important requirement for controlling such access is the proper identification of the accessing users and/or their devices.
For example, during an online transaction some systems might use unique numbers, e.g., processor serial numbers or a network interface card Media Access Control (MAC) address, or they might read certain device characteristics such as the operating system, software version(s), processor speed, clock skew, etc. From these values, a profile or “fingerprint” of the networked device may be built and later referenced during subsequent server access attempts.
Cookies with embedded data, shared objects, and similar approaches are also widely used for device identification. Such methods are relatively limited in the sense that, at least in the case of cookies, they may be easily deleted. Other approaches may require the execution of an installed program or a privileged code that may not be easily accomplished via a simple web browser session. Moreover, measuring machine characteristics may be problematic in that multiple networked devices having similar characteristics that may be difficult to distinguish from each other, and/or the characteristics of these devices may change over time due to upgrades or other system modifications.